Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2019/10/04 8:27 p.m.20 views

CVE-2008-3906

CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string...

4.3CVSS7.2AI score0.07102EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2009/12/10 12:0 a.m.30 views

Mandriva Security Advisory MDVSA-2009:322 (mono)

The remote host is missing an update to mono announced via advisory MDVSA-2009:322. OpenVAS Vulnerability Test $Id: mdksa2009322.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:322 mono Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

7.5CVSS0.6AI score0.07102EPSS
Exploits2
OpenVAS
OpenVAS
added 2009/09/02 12:0 a.m.34 views

Ubuntu USN-826-1 (mono)

The remote host is missing an update to mono announced via advisory USN-826-1. OpenVAS Vulnerability Test $Id: ubuntu8261.nasl 8616 2018-02-01 08:24:13Z cfischer $ $Id: ubuntu8261.nasl 8616 2018-02-01 08:24:13Z cfischer $ Description: Auto-generated from advisory USN-826-1 mono Authors: Thomas...

5CVSS0.3AI score0.07102EPSS
Exploits1References1
Ubuntu
Ubuntu
added 2009/08/26 7:6 p.m.87 views

USN-826-1: Mono vulnerabilities

It was discovered that the XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation. CVE-2009-0217 It was discovered that Mono did not properly escape certain attributes in th...

5CVSS7.1AI score0.07102EPSS
Exploits1
NVD
NVD
added 2008/09/04 5:41 p.m.20 views

CVE-2008-3906

CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string...

4.3CVSS6.7AI score0.07102EPSS
Exploits1References11
CVE
CVE
added 2008/09/04 5:0 p.m.71 views

CVE-2008-3906

CVE-2008-3906 is a CRLF injection vulnerability in Mono’s Sys.Web (versions 2.0 and earlier) that enables remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via CRLF sequences in the query string. Multiple advisories (Mandriva MDVSA-2008:210-1, Ubuntu USN-826-1,...

4.3CVSS6.6AI score0.07102EPSS
Exploits1References11Affected Software2
Rows per page
Query Builder